DMVPN: How to Get from Zero to Hero?
John (not a real name for obvious reasons) sent me the following e-mail:
I am a Sys Admin who has recently assumed duties as a Net Eng. I am currently expected to perform responsibilities utilizing DMVPN with Cisco routers though I have never worked with DMVPN and have very little router experience. I started with your DMVPN webinar and it has been extremely helpful, but there’s still a huge gap between what I know so far and what I need to know to work with DMVPN.
In a few days I will deploy to Afghanistan to start work for a customer and I was hoping you might be able to give me some advice on the matter, perhaps some how-to documents or good books to purchase that will assist in the huge learning curve.
As we know, DMVPN utilizes a particular mix of technologies, from IP routing (both underneath DMVPN tunnels and across them) and IP routing protocols to IPsec, multipoint GRE and NHRP. Assuming John needs to start from scratch, I advised him to:
- Start with introductory material (CCNA level) to get familiar with the router's CLI and basic functions;
- Move to CCNP-level material to get exposure to technologies underlying DMVPN;
- Add a few networking bibles (like Jeff Doyle’s Routing TCP/IP) to the mix.
- Read everything Petr Lapukhov and Jeremy Stretch wrote on the above-mentioned topics
- Follow the blogs on Stretch’s list of networking blogs.
I was not able to recommend specific books as I never read them (your comments would be highly appreciated), but I did find a fantastic purchasing option: the Safari 10-slot Bookshelf allows you to read up to 10 books per month (giving you quite an error margin if you select the wrong books) and download five PDFs per month for astonishingly low $22.99.
The “only” question left is thus: which books should John select as the starting point and which ones would you recommend he reads to build his knowledge?
PS managing these DMVPN networks is cake compared with dealing with the cranky TDMA network management systems provided by GD and the like. In my experience, these systems and poor configuration management were the biggest enemies of the health of these tactical networks.
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008014bcd7.shtml
I know its not really a book and perhabs not everything is explained, but maybe it gives John some knowledge of what he can expect :)
/Kelvin
CCNA Official Exam Certification Library for a good intro to networking
http://www.amazon.com/Official-Certification-Library-640-802-Containing/dp/1587201836/ref=sr_1_1?ie=UTF8&s=books&qid=1302202458&sr=1-1
If you're not worried about the cert, skip the CCNP track (although the troubleshooting section is REALLY helpful) and read Doyle's Routing TCP/IP I and II.
http://www.amazon.com/Routing-TCP-IP-1-2nd/dp/1587052024/ref=sr_1_1?ie=UTF8&s=books&qid=1302202545&sr=1-1
http://www.amazon.com/Routing-TCP-CCIE-Professional-Development/dp/1578700892/ref=sr_1_1?ie=UTF8&s=books&qid=1302202591&sr=1-1
Stretch's blog is great- I'd also read the DMVPN design guide here:
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/DMVPNttl.html
The trick is learning how to filter out exactly what you need to know versus what's nice to know. He really can't skip too much on the foundation, but once you get through Doyle's books everything seems to make a lot more sense, and you can see the commonality in the technology.
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008014bcd7.shtml
thanks.
Misbah Mumtaz
First, Cisco has a PDF which addreses the architecture at a high level but in more depth than the link listed by meher zmania below: http://www.cisco.com/application/pdf/en/us/guest/netsol/ns171/c649/ccmigration_09186a008075ea98.pdf
But even better is this document specifically about the JNN with router examples which show how SIPRNET is tunneled over NIPRNET over this DMVPN architecture along with some detailed technical info on the program of record terminals which comprise many of the terminals: http://www.fas.org/irp/doddir/army/fmi6-02-60.pdf
There are tons of more detailed design docs but I couldn't really find any links.